Research

  • Managing Risks and Attack Paths in Business Applications
  • SAP Security: Detecting SAP rootkits
  • Designing Secure Financial Infrastructures
  • Applications Security
  • DB2 / Oracle Security

Conferences 2017

  • 27.01.2017 European Commission (Brussels, Belgium) Protecting vulnerability disclosure

Conferences 2016

  • 21.09.2016 DSAG Annual Congress (Nürnberg, Germany) How to steal a million dollars and get away with it

Conferences 2015

  • 16.09.2015 GCC Cyber Security Summit (Abu Dhabi, U.A.E.) Protecting your business from Cyber Attacks
  • 04.09.2015 HP Protect (Washington D.C., U.S.) SAP Security: How to steal a million dollars and get away with it
  • 08.06.2015 Hack In Paris (Paris, France) SAP Security: Attacks to Business Processes
  • 18.03.2015 Troopers (Heidelberg, Germany) SAP, Credit Cards and The Bird That Talks Too Much

Conferences 2014

  • 06.08.2014 BlackHat (Las Vegas, USA) SAP, Credit Cards and The Bird That Talks Too Much
  • 27.03.2014 BlackHat (Singapore) SAP Security: Attacks to Business Processes

Conferences 2013

  • 30.10.2013 SAP Product Security Summit (Walldorf/Germany) Manipulating the business processes for fun and profit

Conferences 2012

  • 13.10.2012 SAP Product Security Summit (Walldorf/Germany) Attacking SAP Systems. Why, How, Who and How do we prevent?
  • 19.07.2012 Integralis Secure World 2012  (Stuttgart/Germany) Hack Proofing SAP Systems
  • 20.07.2012 Integralis Secure World 2012 (Stuttgart/Germany) Attacking SAP Systems Through ABAP applications
  • 27.04.2012 Daimler Security Summit (Stuttgart/Germany) SAP Penetration Testing

Conferences 2011

  • 25.03.2011 SAP Internal (Walldorf/Germany) SAP Security
  • 16.05.2011 ITM/S Global Information Security (Stuttgart/Germany) Common Attacks to SAP Systems
  • 28.06.2011 Integralis Secure World 2011 (Stuttgart/Germany) How to attack an SAP System
  • 08.09.2011 Sec-T (Stockholm/Sweden) SAP Security
  • 17.09.2011 Hacktivity (Budapest/Hungary) Rootkits and Trojans on Your SAP Landscape
  • 05.11.2011 Defcon (Lucerne/Switzerland) Enterprise Security

Conferences 2010

  • 07.10.2010 Secude Security Forum (Regensburg/Switzerland) SAP Security
  • 13.10.2010 RISK 2010 (Oslo/Norway) SAP Security and Sensitive Information
  • 04.11.2010 Defcon (Lucerne/Switzerland) The Truth about ABAP Security
  • 17.11.2010 DOAG (Nuernberg/Germany) SAP Password Security
  • 27.12.2010 CCC (Berlin/Germany) Rootkits and Trojans on your SAP Landscape

Papers

Slides

Security Advisories: